|
|
Log in / Subscribe / Register

Ubuntu alert USN-8180-5 (linux-ibm, linux-ibm-5.15)



From:
              Giampaolo Fresi Roglia <giampaolo.fresi.roglia@canonical.com>


To:
              ubuntu-security-announce@lists.ubuntu.com


Subject:
              [USN-8180-5] Linux kernel (IBM) vulnerabilities


Date:
              Fri, 24 Apr 2026 11:43:40 +0200


Message-ID:
              <ap4oulwlxwsng3.fsf@canonical.com>


==========================================================================
Ubuntu Security Notice USN-8180-5
April 24, 2026

linux-ibm, linux-ibm-5.15 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-ibm: Linux kernel for IBM cloud systems
- linux-ibm-5.15: Linux kernel for IBM cloud systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
  - ARM64 architecture;
  - Block layer subsystem;
  - Drivers core;
  - Bluetooth drivers;
  - DMA engine subsystem;
  - GPU drivers;
  - HID subsystem;
  - Intel Trace Hub HW tracing drivers;
  - IIO ADC drivers;
  - IRQ chip drivers;
  - Modular ISDN driver;
  - LED subsystem;
  - UACCE accelerator framework;
  - Ethernet bonding driver;
  - Network drivers;
  - STMicroelectronics network drivers;
  - Ethernet team driver;
  - NVME drivers;
  - PHY drivers;
  - SLIMbus drivers;
  - W1 Dallas's 1-wire bus driver;
  - Xen hypervisor drivers;
  - BTRFS file system;
  - Ext4 file system;
  - Network file system (NFS) client;
  - Network file system (NFS) server daemon;
  - NTFS3 file system;
  - SMB network file system;
  - NFC subsystem;
  - BPF subsystem;
  - IRQ subsystem;
  - Memory management;
  - Bluetooth subsystem;
  - CAN network layer;
  - Networking core;
  - IPv4 networking;
  - IPv6 networking;
  - L2TP protocol;
  - NET/ROM layer;
  - Network traffic control;
  - SCTP protocol;
  - TLS protocol;
  - XFRM subsystem;
  - Creative Sound Blaster X-Fi driver;
  - USB sound devices;
(CVE-2023-53421, CVE-2023-53520, CVE-2023-53662, CVE-2023-54207,
CVE-2025-38057, CVE-2025-38125, CVE-2025-38232, CVE-2025-38408,
CVE-2025-38591, CVE-2025-40149, CVE-2025-40164, CVE-2025-68211,
CVE-2025-68340, CVE-2025-68365, CVE-2025-68725, CVE-2025-68817,
CVE-2025-71162, CVE-2025-71163, CVE-2025-71185, CVE-2025-71186,
CVE-2025-71188, CVE-2025-71190, CVE-2025-71191, CVE-2025-71194,
CVE-2025-71196, CVE-2025-71197, CVE-2025-71199, CVE-2026-22997,
CVE-2026-22998, CVE-2026-22999, CVE-2026-23001, CVE-2026-23003,
CVE-2026-23011, CVE-2026-23026, CVE-2026-23033, CVE-2026-23037,
CVE-2026-23038, CVE-2026-23049, CVE-2026-23056, CVE-2026-23058,
CVE-2026-23061, CVE-2026-23063, CVE-2026-23064, CVE-2026-23071,
CVE-2026-23073, CVE-2026-23075, CVE-2026-23076, CVE-2026-23078,
CVE-2026-23080, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085,
CVE-2026-23087, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091,
CVE-2026-23093, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097,
CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23103,
CVE-2026-23105, CVE-2026-23108, CVE-2026-23119, CVE-2026-23120,
CVE-2026-23121, CVE-2026-23124, CVE-2026-23125, CVE-2026-23128,
CVE-2026-23133, CVE-2026-23145, CVE-2026-23146, CVE-2026-23150,
CVE-2026-23164, CVE-2026-23167, CVE-2026-23170, CVE-2026-23209)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
  linux-image-5.15.0-1099-ibm     5.15.0-1099.102
  linux-image-ibm                 5.15.0.1099.95
  linux-image-ibm-5.15            5.15.0.1099.95

Ubuntu 20.04 LTS
  linux-image-5.15.0-1099-ibm     5.15.0-1099.102~20.04.1
                                  Available with Ubuntu Pro
  linux-image-ibm                 5.15.0.1099.102~20.04.1
                                  Available with Ubuntu Pro
  linux-image-ibm-5.15            5.15.0.1099.102~20.04.1
                                  Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://ubuntu.com/security/notices/USN-8180-5
  https://ubuntu.com/security/notices/USN-8180-4
  https://ubuntu.com/security/notices/USN-8180-3
  https://ubuntu.com/security/notices/USN-8180-2
  https://ubuntu.com/security/notices/USN-8180-1
  CVE-2023-53421, CVE-2023-53520, CVE-2023-53662, CVE-2023-54207,
  CVE-2025-38057, CVE-2025-38125, CVE-2025-38232, CVE-2025-38408,
  CVE-2025-38591, CVE-2025-40149, CVE-2025-40164, CVE-2025-68211,
  CVE-2025-68340, CVE-2025-68365, CVE-2025-68725, CVE-2025-68817,
  CVE-2025-71162, CVE-2025-71163, CVE-2025-71185, CVE-2025-71186,
  CVE-2025-71188, CVE-2025-71190, CVE-2025-71191, CVE-2025-71194,
  CVE-2025-71196, CVE-2025-71197, CVE-2025-71199, CVE-2026-22997,
  CVE-2026-22998, CVE-2026-22999, CVE-2026-23001, CVE-2026-23003,
  CVE-2026-23011, CVE-2026-23026, CVE-2026-23033, CVE-2026-23037,
  CVE-2026-23038, CVE-2026-23049, CVE-2026-23056, CVE-2026-23058,
  CVE-2026-23061, CVE-2026-23063, CVE-2026-23064, CVE-2026-23071,
  CVE-2026-23073, CVE-2026-23075, CVE-2026-23076, CVE-2026-23078,
  CVE-2026-23080, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085,
  CVE-2026-23087, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091,
  CVE-2026-23093, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097,
  CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23103,
  CVE-2026-23105, CVE-2026-23108, CVE-2026-23119, CVE-2026-23120,
  CVE-2026-23121, CVE-2026-23124, CVE-2026-23125, CVE-2026-23128,
  CVE-2026-23133, CVE-2026-23145, CVE-2026-23146, CVE-2026-23150,
  CVE-2026-23164, CVE-2026-23167, CVE-2026-23170, CVE-2026-23209

Package Information:
  https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-109...





Attachment: signature.asc (type=application/pgp-signature)

-----BEGIN PGP SIGNATURE-----

iQHZBAEBCgBDFiEEBcMY+nwS2CY71sUWc4vdAqvdlsYFAmnrO0wlHGdpYW1wYW9s
by5mcmVzaS5yb2dsaWFAY2Fub25pY2FsLmNvbQAKCRBzi90Cq92WxvisC/0ZJeWz
zx4q+SbrVK+pSbVc2TJhY5EMooCNnlGYUGLhkrkDqa8yTXcQWV/li5OV07F3Gxbd
QpYrNwTfcU2Ao0XChjjXlsMrytyYcu4budK6VCenQH+9mDINkajm2MtUEpH+3P7/
AwJ8UQkkwe5JkrqyxCn9MUvy1LXk2IjRsWFeH59PwyPVbcA8xul++USfr+ct4/4q
UrwhtExJltKGyMQb0EWlqsQDtGyfpzFSINaQoMFn40naWQirbQl3+uPIGYK7pejf
WW2W0uiQwC5ZvopyVnN42NMwecccRGNEJFmaLFlQXOyhwu363uDwB65eqIv50OkE
TZGXwyv8uZc3nf4Pi0sGbAeQLenQ2lL/vPTEs1o1LBOF+KepcT7cJzSVC+n3fHOn
+jNv/Q77bW24kbD7g5m1sODroZkoFPXgmEr0XhInje+QDL3nO3HS3uWDbR4+OfHU
IBJBPdUBzclcqmAe8PEz9Sh14jkpEuew1YU8aQmZH44l3yzgcvEFMayKIJ4=
=PQw2
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds